Guide to the Secure Configuration of Red Hat Enterprise Linux 8
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Ensure '/etc/system-fips' exists
On a system where FIPS mode is enabled, <code>/etc/system-fips</code> must exist. To enable FIPS mode, run the following command: <pre>fips-mode-se...Rule High Severity -
Set kernel parameter 'crypto.fips_enabled' to 1
System running in FIPS mode is indicated by kernel parameter <code>'crypto.fips_enabled'</code>. This parameter should be set to <code>1</code> in ...Rule High Severity -
Install crypto-policies package
Thecrypto-policiespackage can be installed with the following command:$ sudo yum install crypto-policies
Rule Medium Severity -
Configure BIND to use System Crypto Policy
Crypto Policies provide a centralized control over crypto algorithms usage of many packages. BIND is supported by crypto policy, but the BIND confi...Rule High Severity -
Configure System Cryptography Policy
To configure the system cryptography policy to use ciphers only from the <code><xccdf-1.2:sub idref="xccdf_org.ssgproject.content_value_var_system_...Rule High Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules